Firewall on Debian Lenny

There is no doubt that a Linux system is many times more secure than a Windows one. That isn’t an excuse to ignore risk, however, as there are still ways to compromise a system. The internet is still the modern equivalent of the Wild West and you need to protect yourself whatever you do.
Installing a firewall should be job number one for any machine of any kind that is going to be connected to a network. Even geeks like me who have a hardware firewall on their router still have a firewall on the local machines as a second line of defense against the naughty people.

This is where Debian falls down in my opinion. There is an iptables basis for a firewall built in, but it seems to need a lot of configuration to get it working. I got round this by using Firestarter, which is an external program that packages everything in a nice friendly GUI.
Firestarter is available through Synaptic Package Manager or apt-get, and installs quite quickly. There are a couple of configuration screens but the defaults are pretty much all you need unless you still use dialup or want to share your connection with other machines.

apt-get install firestarter
If installed through apt-get or Synaptic the package installs itself as a service so it will run whenever you use your machine. This is a good thing as you are automatically protected. I’m not sure I’m quite up to configuring a firewall every time I use the machine!
I love wizards, I think they are great. Tall pointy hats and big sleeves. No!
Firestarter has a configuration wizard which takes all the grunt work out of setting things up for you. The program automatically detects your network hardware and asks you to choose your Internet facing device. If you are on broadband or have a switch or router then this will probably be eth0.
Unless you have a static IP address, leave the tick by ‘IP Address is assigned via DHCP’. This option will be suitable for most users as the majority of ISPs use dynamic IP addressing.

Your next choice will be whether to allow internet connection sharing, that is, whether you want other machines to connect to the internet through your Debian box.
The next page is the last one. See, I told you it was easy.
Here you get to save your options and start the program. If you save here and change your mind later, you can always reconfigure it, nothing is written in stone.

When you first start Firestarter you will see the status page. It shows you pretty much what’s going on with it. The main thing you want to check is the Status on the left. There should be a blue circle with the word ‘Active’ underneath. If you have that then you are protected.
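
To confirm from a terminal that rules really are loaded in the kernel, independent of what the GUI shows, you can inspect the output of iptables-save. The script below is an added example, not part of the original post or of Firestarter; the function name and the two sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the inbound policy found in `iptables-save` output.
# On a live system (as root):  iptables-save | audit_filter

# Constructed sample: a kernel with no firewall rules loaded.
SAMPLE_OPEN='*filter
:INPUT ACCEPT [120:9000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [98:7000]
COMMIT'

# Constructed sample: default-deny inbound with loopback and stateful allows.
SAMPLE_FILTERED='*filter
:INPUT DROP [4:240]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [98:7000]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# Reads iptables-save text on stdin and prints one verdict word:
#   open            INPUT policy ACCEPT and no INPUT rules (nothing filtered)
#   default-accept  INPUT policy ACCEPT but rules exist (review them by hand)
#   default-deny    INPUT policy DROP (only explicitly allowed traffic gets in)
#   unknown         no filter table or INPUT policy line in the input
audit_filter() {
    awk '
        /^\*/        { in_filter = ($0 == "*filter") }  # track current table
        !in_filter   { next }                           # skip nat, mangle, ...
        /^:INPUT /   { policy = $2 }                    # chain default policy
        /^-A INPUT / { rules++ }                        # rules appended to INPUT
        END {
            if (policy == "")                          print "unknown"
            else if (policy == "ACCEPT" && rules == 0) print "open"
            else if (policy == "ACCEPT")               print "default-accept"
            else                                       print "default-deny"
        }'
}

# Demonstration on the constructed samples.
printf 'no rules loaded : %s\n' "$(printf '%s\n' "$SAMPLE_OPEN" | audit_filter)"
printf 'firewall active : %s\n' "$(printf '%s\n' "$SAMPLE_FILTERED" | audit_filter)"
```

A verdict of open after a reboot means the rules were not restored at startup, whatever the status page said the last time you looked.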

When the firewall is active it will record any events that it sees. You can check these on the Events page. It is wise to check this page periodically after you first configure the firewall, to ensure it isn’t blocking something you want to let through. Other than that you can just leave it alone to do its thing!
Firewalls are another massive subject that goes way beyond the scope of this post, but you should at least have a basic understanding of one of the many firewall options open to you and have one running while you explore the subject further.

By installing and configuring a firewall like this one you do not increase the security of the system. By default you have the unused ports blocked, but you may open such you don’t use with Firestarter/Guarddog. If you have time and patience, the Debian securing (was it “hardening”) manual is more than enough to follow.